From 71f28dfee264147d1fb5cd3f499cb281e33017e7 Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch"
Date: Wed, 21 Feb 2018 22:42:18 -0600
Subject: [PATCH] Add pyrocufflink-dns group

The *pyrocufflink-dns* group specifies the BIND configuration for the primary DNS servers on the "new" Pyrocufflink network.
---
 group_vars/pyrocufflink-dns.yml | 58 +++++++++++++++++++++++++++++++++
 hosts | 5 +++
 2 files changed, 63 insertions(+)
 create mode 100644 group_vars/pyrocufflink-dns.yml
diff --git a/group_vars/pyrocufflink-dns.yml b/group_vars/pyrocufflink-dns.yml
new file mode 100644
index 0000000..0d5498d
--- /dev/null
+++ b/group_vars/pyrocufflink-dns.yml
@@ -0,0 +1,58 @@
+named_listen:
+- addresses:
+ - any
+named_listen_v6:
+- addresses:
+ - any
+named_allow_query:
+- any
+named_dnssec_validation: false
+
+named_zones:
+- zone: pyrocufflink.red
+ type: master
+ default_records:
+ - name:
+ value: 172.30.0.4
+ - name:
+ type: AAAA
+ value: 2605:6000:3ccc:fb00::4:1
+ allow_update:
+ - '{ !{ !172.30.0.1; any; }; key dhcp-ddns; }'
+ - '{ !{ !localhost; any; }; key local-ddns; }'
+ ttl: 30
+- zone: 1.31.172.in-addr.arpa
+ type: master
+ allow_update:
+ - '{ !{ !172.30.0.1; any; }; key dhcp-ddns; }'
+ - '{ !{ !localhost; any; }; key local-ddns; }'
+ ttl: 30
+- zone: pyrocufflink.blue
+ type: forward
+ forward: only
+ forwarders:
+ - 172.30.0.10
+ - 172.30.0.9
+- zone: 0.30.172.in-addr.arpa
+ type: forward
+ forward: only
+ forwarders:
+ - 172.30.0.10
+ - 172.30.0.9
+- zone: pyrocufflink.jazz
+ type: forward
+ forward: only
+ forwarders:
+ - 172.31.0.4
+ - 172.31.0.10
+- zone: 0.31.172.in-addr.arpa
+ type: forward
+ forward: only
+ forwarders:
+ - 172.31.0.4
+ - 172.31.0.10
+
+named_keys:
+- name: dhcp-ddns
+ algorithm: hmac-md5
+ secret: +0zVSpY8oFrxl2F1qB8tT2HMgbuD31JurL9w4zilNCg=
diff --git a/hosts b/hosts
index 4b4b95b..16e0694 100644
--- a/hosts
+++ b/hosts
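Review bot: The `dhcp-ddns` entry under `named_keys` at the end of group_vars/pyrocufflink-dns.yml commits the TSIG `secret:` in clear text, so every reader of the repository holds the credential that both `master` zones name in `allow_update`. The value is better referenced than stored, e.g. `secret: '{{ vault_named_dhcp_ddns_secret }}'` (the variable name is a placeholder) backed by Ansible Vault, and the key that appears here should be treated as exposed and regenerated. When regenerating, `algorithm: hmac-sha256` is the better choice than `hmac-md5`, which is discouraged for TSIG; the DHCP server's side of the key has to change in the same step. A one-line comment above `named_dnssec_validation: false` stating why validation is switched off would help too, since together with `named_allow_query: any` it is not clear from this file whether that is intentional.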
@@ -8,3 +8,8 @@ dc1.pyrocufflink.blue ansible_host=2605:6000:3ccc:fb00::9:1
 [samba-dc]
 dc0.pyrocufflink.blue
 dc1.pyrocufflink.blue
+
+[pyrocufflink-dns]
+
+[named-server:children]
+pyrocufflink-dns